Skip to content

Commit

Permalink
Fixes karlheyes#430 /admin/listclients with URL auth
Browse files Browse the repository at this point in the history 
Normally the /admin/listclients?mountpoint=/stream URL is accessible by authenticating with the <source-password> (when not using Mountpoint Authentication. However when specifying <authentication type="url"> with the stream_auth option the end-point returns 403 Forbidden with "Mountpoint in use".

This PR correctly detects /admin/listclients as a source admin request and fixes karlheyes#430
  • Loading branch information
@TheRealMattLear
TheRealMattLear authored Aug 12, 2023
1 parent a8cfaae commit 305b847
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/auth.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -606,6 +606,11 @@ void auth_postprocess_source (auth_client *auth_user)
DEBUG2 ("metadata request (%s, %s)", req, mount);
admin_mount_request (client);
}
else if (strncmp ("/admin/listclients", req, 18) == 0)
{
DEBUG1 ("admin listclients request on mount %s", mount);
admin_mount_request (client);
}
else
{
DEBUG1 ("on mountpoint %s", mount);
Expand Down

1 comment on commit 305b847

@karlheyes
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right idea on this but it should be more general, on line 604

if (strcmp (req, "/admin.cgi") == 0 || strncmp ("/admin/", req, 7) == 0)

there are other mount specific admin requests that need that code path. Confirm that works for you and I'll add it shortly

karl

Please sign in to comment.